authentication and authorization in subfolders

D

dotosu

Hello,
I went through several posts and found out that it is only possible to
have the authentication tag only at an app level but the authorization
tags can be present at the subfolder level after specifying the
location tag in the web.config file in the subfolder.

My question is:
I want to have a forms authentication on the app level and allow only
about 5 windows users at the subfolder level. Is is possible to do
this using only the authorization tag? What kind of authentication
should I use at the app level?

I would appreciate any help.

Thanks,
dotosu
 
T

Teemu Keiski

See this article:
http://www.dotnetbips.com/displayarticle.aspx?id=201

about mixing Forms Authentication and Windows Authentication. Perhaps you
could run the system with Forms Auth-based, but check the Windows Identity
for those pages where you'd need to check those 5 Windows Identities. I
believe <authorization> won't help with that one, though (unless you have
some mapping between forms auth and Windows auth, say if user exists as
Windows user you could set session variable etc to indicate that user is
allowed for WinAuth pages or something similar)

--
Teemu Keiski
MCP, Designer/Developer
Mansoft tietotekniikka Oy
http://www.mansoft.fi

AspInsiders Member, www.aspinsiders.com
ASP.NET Forums Moderator, www.asp.net
AspAlliance Columnist, www.aspalliance.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top